CN109583217B - Internet e-commerce platform user privacy data encryption and decryption method - Google Patents

Publication number: CN109583217B
Application number: CN201811388158.5A
Authority: CN (China)
Prior art keywords: key, character string, plaintext, encrypted, ciphertext
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Other languages: Chinese (zh)
Other versions: CN109583217A (en)
Inventors: 关键, 蒲光锐, 祝林青, 林荣园
Current Assignee: Shenzhen Yixuntiankong Internet Technology Co ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Shenzhen Yixuntiankong Internet Technology Co ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Abstract

The invention discloses a method for encrypting user privacy data of an Internet e-commerce platform, in which the ciphertext key is itself stored in encrypted form. The method comprises the following steps: generating a vector iv from the incoming raw user data; acquiring the ciphertext key that is stored in encrypted form; decrypting the ciphertext key into a plaintext ciphertext key; encrypting the raw user data byte stream with the AES256/CFB8/NOPADDING algorithm, using the plaintext ciphertext key and the vector iv, to obtain a first encrypted character string; base64-encoding the first encrypted character string to obtain a second encrypted character string; and concatenating E-, the iv and the second encrypted character string in that order to obtain a third encrypted character string, which is stored in a database as the encrypted data. The invention encrypts user privacy data, prevents user privacy data in the database system from being leaked, and improves processing efficiency.

Description

Internet e-commerce platform user privacy data encryption and decryption method
Technical Field
The invention relates to the field of information security, in particular to a method for encrypting and decrypting user private data of an Internet e-commerce platform.
Background
In the course of providing services, an Internet e-commerce platform handles a large amount of private user information such as names, identity cards and telephone numbers, and most of this information is usually stored in the database in clear text. Encrypted storage of user privacy data has therefore become an important means of protecting it from leakage. In addition, the newly issued network security law and the information security level protection rules newly require that user privacy data be encrypted before it is stored.
At present, encrypted data storage is implemented in one of two ways: (1) purchasing and deploying hardware-level encryption equipment; or (2) deploying software-level encryption. Existing hardware-level encryption equipment is difficult to implement, scales poorly and is expensive. Hardware-level encryption equipment also works by extending the data access part of the database to perform the encryption and decryption operations. Extending the database access path is simple and feasible for an open-source database, but for a commercial database it can only be done with code support from the vendor, and upgrading and maintenance are more difficult. With software-level encryption, the key used for encryption and decryption is placed on the database side or stored locally, so when data is encrypted on being written to the database and decrypted on being read back for the user, there is a risk of information leakage through external intrusion into the database system, improper behaviour by a database administrator or similar person, or operator error. Moreover, identity authentication and access control generally rely on simple mechanisms such as password authentication or single-pass encryption; the encryption key is generally stored locally or in the database, where a user with the necessary permissions can easily obtain it or operate on it illegally; and the key is held by the business service, which performs the encryption and decryption itself, so sharing of encrypted data is not supported and the service is inflexible to extend.
Disclosure of Invention
To address the above shortcomings, the invention provides a method for encrypting and decrypting user privacy data of an Internet e-commerce platform, which solves the problem of database data being leaked.
To achieve this purpose, the invention adopts the following technical scheme:
A method for encrypting user privacy data of an Internet e-commerce platform, in which the ciphertext key is stored in encrypted form, comprises the following steps:
S01, generating a vector iv from the incoming raw user data;
S02, acquiring the ciphertext key that is stored in encrypted form;
S03, decrypting the ciphertext key into a plaintext ciphertext key;
S04, encrypting the raw user data byte stream with the AES256/CFB8/NOPADDING algorithm, using the plaintext ciphertext key and the vector iv, to obtain a first encrypted character string;
S05, base64-encoding the first encrypted character string to obtain a second encrypted character string;
S06, concatenating E-, the iv and the second encrypted character string in that order to obtain a third encrypted character string, and storing the third encrypted character string in the database as the encrypted data.
Further, the ciphertext key is encrypted and stored as follows: the created plaintext ciphertext key is split in order into three plaintext character strings; each of the three is AES-encrypted with a predetermined key character string and reverse-ordered, giving three encrypted key segments; and the three encrypted key segments are stored in directories on different logical volumes of the disk.
Furthermore, the encrypted and stored ciphertext key is acquired as follows:
the three encrypted key segments stored in directories on different logical volumes of the disk are each AES-decrypted with the predetermined key character string to obtain three plaintext character strings, and the three plaintext character strings are concatenated in order to obtain the complete plaintext ciphertext key;
the character string of the plaintext ciphertext key is then encrypted by applying, in order, XOR with a specific character string key, reversal of the character string and base64 encoding, which gives the ciphertext key after secondary encryption.
Still further, the ciphertext key is decrypted into the plaintext ciphertext key as follows: base64 decoding, reversal of the character string and XOR with the specific character string key are applied to the ciphertext key in that order to obtain the plaintext ciphertext key.
On this basis, the invention further provides a decryption method corresponding to the above method for encrypting user privacy data of an Internet e-commerce platform. The decryption method comprises the following steps:
(1) fetching the encrypted data from the database;
(2) removing the first 2 bytes of the encrypted data to obtain a first decryption character string;
(3) taking the first 16 characters of the first decryption character string as the vector iv;
(4) removing the first 16 characters of the first decryption character string to obtain a second decryption character string;
(5) base64-decoding the second decryption character string to obtain a third decryption character string;
(6) acquiring the ciphertext key that is stored in encrypted form;
(7) decrypting the ciphertext key into a plaintext ciphertext key;
(8) decrypting the third decryption character string with the AES256/CFB8/NOPADDING algorithm, using the plaintext ciphertext key and the vector iv, to obtain the decrypted data.
Further, the encrypted and stored ciphertext key is acquired as follows:
the three encrypted key segments stored in directories on different logical volumes of the disk are each AES-decrypted with the predetermined key character string to obtain three plaintext character strings, and the three plaintext character strings are concatenated in order to obtain the complete plaintext ciphertext key;
the character string of the plaintext ciphertext key is then encrypted by applying, in order, XOR with a specific character string key, reversal of the character string and base64 encoding, which gives the ciphertext key after secondary encryption.
Further, the ciphertext key is decrypted into the plaintext ciphertext key as follows: base64 decoding, reversal of the character string and XOR with the specific character string key are applied to the ciphertext key in that order to obtain the plaintext ciphertext key.
Compared with the prior art, the invention has the following beneficial effects:
The invention stores data in encrypted form and so meets the latest network security law and the new information security protection rules. It uses software-level encryption, which avoids the problems of hardware-level encryption equipment; it encrypts user privacy data, prevents user privacy data in the database system from being leaked, and improves processing efficiency. The ciphertext key is itself stored encrypted; when it is retrieved, it is encrypted a second time and then decrypted into the plaintext ciphertext key for use. This raises the encryption level of the ciphertext key, effectively avoids the possibility of the ciphertext key being obtained or illegally operated on by a user with permissions, and further raises the encryption level of user privacy data.
Drawings
Fig. 1 is a flow chart illustrating an encryption method according to the present invention.
Fig. 2 is a structural diagram of an internet e-commerce platform user privacy data encryption apparatus according to an embodiment of the present invention.
Fig. 3 is a structural diagram of a key management unit in the embodiment of the present invention.
Fig. 4 is a flowchart of key management of the key management unit in the embodiment of the present invention.
Detailed Description
The present invention is further described below with reference to the figures and examples; embodiments of the invention include, but are not limited to, the following examples.
As shown in fig. 1, a method for encrypting user privacy data of an Internet e-commerce platform, in which the ciphertext key is stored in encrypted form, comprises the following steps:
S01, generating a vector iv from the incoming raw user data;
S02, acquiring the ciphertext key that is stored in encrypted form;
S03, decrypting the ciphertext key into a plaintext ciphertext key;
S04, encrypting the raw user data byte stream with the AES256/CFB8/NOPADDING algorithm, using the plaintext ciphertext key and the vector iv, to obtain a first encrypted character string;
S05, base64-encoding the first encrypted character string to obtain a second encrypted character string;
S06, concatenating E-, the iv and the second encrypted character string in that order to obtain a third encrypted character string, and storing the third encrypted character string in the database as the encrypted data.
The ciphertext key is encrypted and stored as follows: the created plaintext ciphertext key is split in order into three plaintext character strings; each of the three is AES-encrypted with a predetermined key character string and reverse-ordered, giving three encrypted key segments; and the three encrypted key segments are stored in directories on different logical volumes of the disk.
The encrypted and stored ciphertext key is acquired as follows:
the three encrypted key segments stored in directories on different logical volumes of the disk are each AES-decrypted with the predetermined key character string to obtain three plaintext character strings, and the three plaintext character strings are concatenated in order to obtain the complete plaintext ciphertext key;
the character string of the plaintext ciphertext key is then encrypted by applying, in order, XOR with a specific character string key, reversal of the character string and base64 encoding, which gives the ciphertext key after secondary encryption.
The ciphertext key is decrypted into the plaintext ciphertext key as follows: base64 decoding, reversal of the character string and XOR with the specific character string key are applied to the ciphertext key in that order to obtain the plaintext ciphertext key.
The invention also provides a decryption method corresponding to the above method for encrypting user privacy data of an Internet e-commerce platform, comprising the following steps:
(1) fetching the encrypted data from the database;
(2) removing the first 2 bytes of the encrypted data to obtain a first decryption character string;
(3) taking the first 16 characters of the first decryption character string as the vector iv;
(4) removing the first 16 characters of the first decryption character string to obtain a second decryption character string;
(5) base64-decoding the second decryption character string to obtain a third decryption character string;
(6) acquiring the ciphertext key that is stored in encrypted form;
(7) decrypting the ciphertext key into a plaintext ciphertext key;
(8) decrypting the third decryption character string with the AES256/CFB8/NOPADDING algorithm, using the plaintext ciphertext key and the vector iv, to obtain the decrypted data.
The encrypted and stored ciphertext key is acquired as follows: the three encrypted key segments stored in directories on different logical volumes of the disk are each AES-decrypted with the predetermined key character string to obtain three plaintext character strings, and the three plaintext character strings are concatenated in order to obtain the complete plaintext ciphertext key;
the character string of the plaintext ciphertext key is then encrypted by applying, in order, XOR with a specific character string key, reversal of the character string and base64 encoding, which gives the ciphertext key after secondary encryption.
The ciphertext key is decrypted into the plaintext ciphertext key as follows: base64 decoding, reversal of the character string and XOR with the specific character string key are applied to the ciphertext key in that order to obtain the plaintext ciphertext key.
Example:
As shown in fig. 2, the Internet e-commerce platform user privacy data encryption device based on the above encryption and decryption methods consists of a database field encryption setting unit, an encryption unit, a decryption unit and a key management unit. The database field encryption setting unit, the encryption unit and the decryption unit together form the application program, i.e. the requester. The application program and the key management unit exist independently of each other, and the application program requests the ciphertext key from the key management unit. The basic functions are as follows:
Database field encryption setting unit: sets whether each storage field in the database is encrypted, according to the characteristics of the user privacy information. Whether a field is encrypted is determined by the content of a configuration file; for example, fields such as telephone and username are configured in an xml configuration file, and a field is encrypted when it is present in the user data that is read.
Encryption unit: encrypts the user privacy data; the key required for encryption is provided by the key management unit.
Decryption unit: decrypts the encrypted data generated by the encryption unit; the key required for decryption is provided by the key management unit.
Key management unit: provides the corresponding key for data encryption and decryption, and consists of a key management program, an encryption module and a decryption module. The key management program has the following functions. Access control: only an object that is in the access control list and meets the relevant conditions is allowed to obtain the ciphertext key. Secondary encryption: after the decryption module has been called to obtain the ciphertext key, the ciphertext key is encrypted a second time. Interface access: a protocol interface is provided through which the application program (i.e. the requester) obtains the ciphertext key, and the ciphertext key after secondary encryption is returned to the application program (i.e. the requester). The encryption module encrypts the plaintext ciphertext key and stores it in segments. The decryption module is called by the key management program; it reads the encrypted segment files and decrypts them into the plaintext ciphertext key.
The details are as follows:
Database field encryption setting unit: written in Python; it decides from the relevant configuration which fields need to be encrypted and decrypted.
Encryption unit: a Python C extension module written in C; the ciphertext key required for encryption is passed in as a parameter, and the vector is stored in the encrypted data. The encryption process is as follows:
(1) the incoming parameter is the raw user data, and a vector iv is generated from the raw user data;
(2) the ciphertext key after secondary encryption is obtained from the key management unit, and base64 decoding, reversal of the character string and XOR with a specific character string key are applied to it in that order to obtain the plaintext ciphertext key;
(3) the raw data byte stream is encrypted with the AES256/CFB8/NOPADDING algorithm, using the plaintext ciphertext key and the vector iv, to obtain a first encrypted character string;
(4) the first encrypted character string is base64-encoded to obtain a second encrypted character string;
(5) E-, the iv and the second encrypted character string are concatenated in that order to obtain a third encrypted character string, which is the encrypted data stored in the database; E- is a prefix identification character that has no specific meaning and serves to mark the string as an encrypted character string.
Decryption unit: a Python C extension module written in C; the key required for encryption is passed in as a parameter. The decryption flow is as follows:
(1) the application program (i.e. the requester) reads data from the database and takes out the encrypted data;
(2) the first 2 bytes (i.e. E-) of the encrypted data are removed to obtain a first decryption character string;
(3) the first 16 characters of the first decryption character string are taken as the vector iv;
(4) the first 16 characters of the first decryption character string are removed to obtain a second decryption character string;
(5) the second decryption character string is base64-decoded to obtain a third decryption character string;
(6) the ciphertext key after secondary encryption is obtained from the key management unit, and base64 decoding, reversal of the character string and XOR with a specific character string key are applied to it in that order to obtain the plaintext ciphertext key;
(7) the third decryption character string is decrypted with the AES256/CFB8/NOPADDING algorithm, using the plaintext ciphertext key and the vector iv, to obtain the decrypted data.
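The string handling in this flow, as an added example in Python (not code from the patent): parse_record follows decryption steps (2) to (5), and wrap_key and unwrap_key follow the XOR, reverse and base64 sequence used for the secondary encryption of the key. Assumptions: the XOR repeats the string key over the data, the iv is 16 ASCII characters, the plaintext ciphertext key is 32 raw bytes, and the AES step is left out, so the ciphertext bytes in the demo are a constructed stand-in.

```python
import base64

PREFIX = "E-"   # prefix identification character named on the page
IV_LEN = 16     # the page takes the first 16 characters as the iv
KEY_LEN = 32    # assumption: the AES-256 key is held as 32 raw bytes


def xor_bytes(data: bytes, string_key: bytes) -> bytes:
    """XOR data with string_key, repeating the key (assumed; the page only says XOR)."""
    if not string_key:
        raise ValueError("empty XOR string key")
    return bytes(b ^ string_key[i % len(string_key)] for i, b in enumerate(data))


def wrap_key(plain_key: bytes, string_key: bytes) -> str:
    """Key management side: XOR, then reverse, then base64-encode."""
    return base64.b64encode(xor_bytes(plain_key, string_key)[::-1]).decode("ascii")


def unwrap_key(wrapped: str, string_key: bytes) -> bytes:
    """Requester side: base64-decode, then reverse, then XOR."""
    try:
        raw = base64.b64decode(wrapped, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("wrapped key is not valid base64") from exc
    if len(raw) != KEY_LEN:
        raise ValueError("unexpected key length")
    # The encoding carries no integrity check: a wrong string_key returns a
    # wrong key without any error, visible only as garbage after AES decryption.
    return xor_bytes(raw[::-1], string_key)


def build_record(iv: str, ciphertext: bytes) -> str:
    """Encryption steps (4) and (5): base64-encode, then join E-, iv and the result."""
    if len(iv) != IV_LEN or not iv.isascii():
        raise ValueError("iv must be 16 ASCII characters")
    return PREFIX + iv + base64.b64encode(ciphertext).decode("ascii")


def parse_record(field: str):
    """Decryption steps (2) to (5).

    Returns (iv, ciphertext_bytes), or None when the field does not carry the
    E- marker and is therefore a plaintext column value. A field that has the
    marker but is malformed raises ValueError instead of being passed on.
    """
    if not field.startswith(PREFIX):
        return None
    rest = field[len(PREFIX):]
    if len(rest) < IV_LEN:
        raise ValueError("record too short to hold an iv")
    iv, body = rest[:IV_LEN], rest[IV_LEN:]
    if not iv.isascii():
        raise ValueError("iv is not ASCII, so bytes and characters disagree")
    try:
        ciphertext = base64.b64decode(body, validate=True)
    except ValueError as exc:
        raise ValueError("record body is not valid base64") from exc
    return iv, ciphertext


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    data_key = bytes(range(KEY_LEN))
    string_key = b"demo-xor-string"
    wrapped = wrap_key(data_key, string_key)
    assert unwrap_key(wrapped, string_key) == data_key
    fake_ciphertext = bytes(range(11))  # stand-in for the AES256/CFB8 output
    record = build_record("0123456789abcdef", fake_ciphertext)
    print(record, parse_record(record))
```

With CFB8 and no padding the ciphertext has the same length as the plaintext, so the stored record also reveals the length of the protected field.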
As shown in figs. 3 and 4, the key management unit is implemented as a Python C extension module written in C and uses the AES algorithm to encrypt and decrypt data. It comprises an encryption module and a decryption module, and the flow is as follows:
(1) the ciphertext key administrator creates a plaintext ciphertext key, splits it in order into three character strings and runs the encryption module, which AES-encrypts each of the three plaintext character strings and reverse-orders them to obtain three encrypted key segments; the three encrypted key segments are stored in directories on different logical volumes of the disk. The encryption module is written in C; once it has been compiled, decompilation is prevented, which keeps the encryption algorithm from being stolen;
(2) the ciphertext key administrator creates an access control list (i.e. a database whitelist table) in the database;
(3) the ciphertext key administrator provides https interface access for the application program (i.e. the requester);
(4) the ciphertext key administrator assigns the application program (i.e. the requester) an appid, a signature key string secret and the specific character string key required for the XOR, and adds the related access control parameters (frequency limit, access source limit and so on) for the application program to the access control list.
When the application program (i.e. the requester) calls the key management program interface of the key management unit, the key management program calls the decryption module to read the three encrypted key segments stored in directories on different logical volumes of the disk. Each segment is AES-decrypted with the predetermined key character string to obtain three plaintext character strings, which are concatenated in order to obtain the complete plaintext ciphertext key. The character string of the plaintext ciphertext key is then encrypted by applying, in order, XOR with a specific character string key, reversal of the character string and base64 encoding, which gives the ciphertext key after secondary encryption; this is returned to the application program (i.e. the requester). The decryption module is written in C; once it has been compiled, decompilation is prevented, which keeps the decryption algorithm from being stolen.
The application program (i.e. the requester) obtains the ciphertext key: the application program calls the key management unit interface over the https protocol. The request parameters are appid, t and sign, where appid is the appid assigned to the application program by the ciphertext key administrator, t is the current timestamp, and sign is the md5 value of the string appid&t&secret, secret being the signature key string assigned to the application program by the ciphertext key administrator. For example, assuming appid=123, t=1541558216 and secret=abcd, then sign = md5("appid=123&t=1541558216&secret=abcd") = e0ba439dfaf7d6d0fde2cc9bc8a4e0af.
After a successful request, the application program (i.e. the requester) receives the ciphertext key after secondary encryption by the key management unit and applies base64 decoding, reversal of the character string and XOR with a specific character string key to it in that order; the specific character string key is the XOR string assigned to the application program by the ciphertext key administrator. The application program thus finally obtains the plaintext ciphertext key.
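One way the key management program could check the appid, t and sign parameters against its access control list, as an added example in Python (not code from the patent). Assumptions: the signed string has the form appid=<appid>&t=<t>&secret=<secret>; the ACL contents, the 300-second timestamp window and the per-minute limit are constructed for illustration.

```python
import hashlib
import hmac
import time

# Constructed access control list; the page keeps it as a database whitelist table.
ACL = {
    "123": {"secret": "abcd", "sources": {"10.0.0.5"}, "max_per_minute": 3},
}
MAX_SKEW = 300   # assumption: the page does not say how t is validated
_recent = {}     # appid -> times of accepted requests (frequency limit state)


def compute_sign(appid: str, t: str, secret: str) -> str:
    """md5 over the assumed string appid=<appid>&t=<t>&secret=<secret>."""
    msg = f"appid={appid}&t={t}&secret={secret}"
    return hashlib.md5(msg.encode("utf-8")).hexdigest()


def check_request(appid, t, sign, source_ip, now=None):
    """Return (allowed, reason) for one key request."""
    now = time.time() if now is None else now
    entry = ACL.get(appid)
    if entry is None:
        return False, "unknown appid"
    if source_ip not in entry["sources"]:          # access source limit
        return False, "source not allowed"
    try:
        ts = int(t)
    except (TypeError, ValueError):
        return False, "bad timestamp"
    if abs(now - ts) > MAX_SKEW:
        return False, "stale timestamp"
    expected = compute_sign(appid, t, entry["secret"])
    # Constant-time comparison, on bytes so any input string is accepted.
    if not hmac.compare_digest(expected.encode(), str(sign).lower().encode("utf-8")):
        return False, "bad signature"
    # Frequency limit: count accepted requests in the last 60 seconds.
    window = [x for x in _recent.get(appid, []) if now - x < 60]
    if len(window) >= entry["max_per_minute"]:
        _recent[appid] = window
        return False, "rate limited"
    window.append(now)
    _recent[appid] = window
    # The parameters carry no nonce, so the same appid/t/sign triple is
    # accepted again inside the window; only the frequency limit bounds it.
    return True, "ok"


if __name__ == "__main__":
    t = str(int(time.time()))
    s = compute_sign("123", t, "abcd")
    print(check_request("123", t, s, "10.0.0.5"))
    print(check_request("123", t, "0" * 32, "10.0.0.5"))
```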
The application program encrypts the incoming raw user data: the application program decides, according to the conditions set by the database field encryption setting unit, whether the raw user data needs to be encrypted; if so, it calls the encryption unit, encrypts the corresponding field with the plaintext ciphertext key and stores the field in the database.
The application program decrypts the user data: the application program decides, according to the conditions set by the database field encryption setting unit, whether the user data needs to be decrypted; if so, it calls the decryption unit and decrypts the corresponding field with the plaintext ciphertext key.
The above embodiments are only preferred embodiments of the invention and are not intended to limit its scope of protection; any change made by applying the principles of the invention and without inventive work falls within the scope of protection of the invention.

Claims (7)

1. A method for encrypting user privacy data of an Internet e-commerce platform, characterized in that the ciphertext key is stored in encrypted form, the method comprising the following steps:
S01, generating a vector iv from the incoming raw user data;
S02, acquiring the ciphertext key that is stored in encrypted form;
S03, decrypting the ciphertext key into a plaintext ciphertext key;
S04, encrypting the raw user data byte stream with the AES256/CFB8/NOPADDING algorithm, using the plaintext ciphertext key and the vector iv, to obtain a first encrypted character string;
S05, base64-encoding the first encrypted character string to obtain a second encrypted character string;
S06, concatenating E-, the iv and the second encrypted character string in that order to obtain a third encrypted character string, and storing the third encrypted character string in the database as the encrypted data, wherein E- is a prefix identification character that has no specific meaning and serves to mark the string as an encrypted character string.
2. The method for encrypting user privacy data of an Internet e-commerce platform according to claim 1, wherein the ciphertext key is encrypted and stored as follows: the created plaintext ciphertext key is split in order into three plaintext character strings; each of the three is AES-encrypted with a predetermined key character string and reverse-ordered, giving three encrypted key segments; and the three encrypted key segments are stored in directories on different logical volumes of the disk.
3. The method for encrypting user privacy data of an Internet e-commerce platform according to claim 2, wherein the encrypted and stored ciphertext key is acquired as follows:
the three encrypted key segments stored in directories on different logical volumes of the disk are each AES-decrypted with the predetermined key character string to obtain three plaintext character strings, and the three plaintext character strings are concatenated in order to obtain the complete plaintext ciphertext key;
the character string of the plaintext ciphertext key is then encrypted by applying, in order, XOR with a specific character string key, reversal of the character string and base64 encoding, which gives the ciphertext key after secondary encryption.
4. The method for encrypting user privacy data of an Internet e-commerce platform according to claim 3, wherein the ciphertext key is decrypted into the plaintext ciphertext key as follows: base64 decoding, reversal of the character string and XOR with the specific character string key are applied to the ciphertext key in that order to obtain the plaintext ciphertext key.
5. A decryption method corresponding to the method for encrypting the private data of the internet e-commerce platform user as claimed in claim 4, comprising the steps of:
(1) fetching the encrypted data from the database;
(2) removing the first 2 bytes of the encrypted data to obtain a first decryption character string;
(3) taking the first 16 characters of the first decryption character string to obtain the vector iv;
(4) removing the first 16 characters of the first decryption character string to obtain a second decryption character string;
(5) performing base64 decoding on the second decryption character string to obtain a third decryption character string;
(6) acquiring the ciphertext key that is encrypted and stored;
(7) decrypting the ciphertext key into a plaintext ciphertext key;
(8) decrypting the third decryption character string with the AES256/CFB8/NOPADDING algorithm, using the plaintext ciphertext key and the vector iv, to obtain the decrypted data.
6. The decryption method according to claim 5, wherein the method for obtaining the encrypted and stored ciphertext key comprises:
decrypting each of the three encrypted key segments stored in different logical volume directories of the disk with AES, using the predetermined key character string, to obtain three plaintext character strings, and splicing the three plaintext character strings in order to obtain the complete plaintext ciphertext key;
and encrypting the character string of the plaintext ciphertext key with a specific character string key by performing, in sequence, XOR processing, character string reversal and base64 encoding, thereby obtaining the ciphertext key after secondary encryption.
7. The decryption method according to claim 6, wherein the method for decrypting the ciphertext key into the plaintext ciphertext key comprises: performing, in sequence, base64 decoding, character string reversal and XOR processing with the specific character string key on the ciphertext key to obtain the plaintext ciphertext key.
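The record framing of steps S05-S06 and (2)-(5), and the key transform of claims 3 and 4, as an added Python example that is not part of the patent text. The AES256/CFB8 step itself is left out because the Python standard library has no AES; the function names are hypothetical, and the iv is assumed to be 16 ASCII characters used directly as the 16-byte IV.

```python
import base64

PREFIX = "E-"  # prefix marker from step S06
IV_LEN = 16    # decryption step (3): 16 characters follow the prefix

def frame_record(iv: str, ciphertext: bytes) -> str:
    """S05-S06: base64-encode the AES output, then splice prefix + iv + base64."""
    if len(iv) != IV_LEN or not iv.isascii():
        raise ValueError("iv must be 16 ASCII characters")
    return PREFIX + iv + base64.b64encode(ciphertext).decode("ascii")

def parse_record(record: str) -> tuple:
    """Steps (2)-(5): return (iv_bytes, raw_ciphertext) or raise ValueError."""
    if not record.startswith(PREFIX):
        raise ValueError("missing E- prefix: field is not marked as encrypted")
    body = record[len(PREFIX):]
    iv, b64 = body[:IV_LEN], body[IV_LEN:]
    if len(iv) != IV_LEN or not iv.isascii() or not b64:
        raise ValueError("record too short or iv not ASCII")
    try:
        ciphertext = base64.b64decode(b64, validate=True)  # strict alphabet
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("ciphertext part is not valid base64") from exc
    return iv.encode("ascii"), ciphertext

def _xor(data: bytes, key: bytes) -> bytes:
    if not key:
        raise ValueError("string key must not be empty")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def wrap_key(plain_key: bytes, string_key: bytes) -> str:
    """Claim 3: XOR with the string key, reverse, base64-encode."""
    return base64.b64encode(_xor(plain_key, string_key)[::-1]).decode("ascii")

def unwrap_key(wrapped: str, string_key: bytes) -> bytes:
    """Claim 4: base64-decode, reverse, XOR with the same string key."""
    return _xor(base64.b64decode(wrapped, validate=True)[::-1], string_key)

if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    record = frame_record("0123456789abcdef", bytes.fromhex("8f3a1c"))
    print(record, parse_record(record))
    wrapped = wrap_key(bytes(range(32)), b"constructed-string-key")
    print(wrapped, unwrap_key(wrapped, b"constructed-string-key").hex())
```

The record format carries no authentication tag, so `parse_record` can reject malformed framing but cannot detect a ciphertext that was modified after storage.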
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811388158.5A CN109583217B (en) 2018-11-21 2018-11-21 Internet e-commerce platform user privacy data encryption and decryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811388158.5A CN109583217B (en) 2018-11-21 2018-11-21 Internet e-commerce platform user privacy data encryption and decryption method

Publications (2)

Publication Number Publication Date
CN109583217A CN109583217A (en) 2019-04-05
CN109583217B true CN109583217B (en) 2022-06-07

Family

ID=65923180

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811388158.5A Active CN109583217B (en) 2018-11-21 2018-11-21 Internet e-commerce platform user privacy data encryption and decryption method

Country Status (1)

Country Link
CN (1) CN109583217B (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110650191A (en) * 2019-09-20 2020-01-03 浪潮电子信息产业股份有限公司 Data read-write method of distributed storage system
CN110868287B (en) * 2019-10-24 2023-06-30 广州江南科友科技股份有限公司 Authentication encryption ciphertext coding method, system, device and storage medium
CN111046422B (en) * 2019-12-09 2021-03-12 支付宝(杭州)信息技术有限公司 Coding model training method and device for preventing private data leakage
CN111104693A (en) * 2019-12-26 2020-05-05 陕西美亚秦安信息科技有限公司 Android platform software data cracking method, terminal device and storage medium
CN112311529A (en) * 2020-10-27 2021-02-02 银清科技有限公司 Data encryption method, data decryption method and data processing method of database
CN112468494B (en) * 2020-11-26 2022-05-17 湖北航天信息技术有限公司 Intranet and extranet internet data transmission method and device
CN112580068B (en) * 2020-11-30 2023-05-23 北卡科技有限公司 SQLite database security enhancement method
CN112671748A (en) * 2020-12-18 2021-04-16 深圳中科智能技术有限公司 Traceable encrypted data transmission method and system
CN112887311A (en) * 2021-01-26 2021-06-01 北京高因科技有限公司 Safety encryption method and device based on data transmission process
CN112995204B (en) * 2021-04-09 2022-07-08 厦门市美亚柏科信息股份有限公司 Method, device, equipment and storage medium for safely reading Protonmail encrypted mail
CN114154123B (en) * 2022-02-09 2022-05-17 北京天防安全科技有限公司 Encryption protection method applied to Python project
CN115801274B (en) * 2022-11-17 2023-07-11 广州芯德通信科技股份有限公司 Firmware protection method

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101449578A (en) * 2006-05-16 2009-06-03 京瓷株式会社 Stream generation method, broadcast reception device, and display method
CN102063599A (en) * 2011-01-10 2011-05-18 杭州电子科技大学 Document encrypting and decrypting methods based on Chinese character handwriting of touch screen
CN102314580A (en) * 2011-09-20 2012-01-11 西安交通大学 Vector and matrix operation-based calculation-supported encryption method
CN102404111A (en) * 2011-12-28 2012-04-04 王勇 Method for encrypting in sections by using uncertain encryption algorithm
CN103118089A (en) * 2013-01-22 2013-05-22 华中科技大学 Safe storage method based on a plurality of cloud storage systems and system thereof
JP2014224925A (en) * 2013-05-16 2014-12-04 凸版印刷株式会社 Encrypting device, decrypting device, encrypting method, decrypting method, and program

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9432341B2 (en) * 2013-05-30 2016-08-30 International Business Machines Corporation Securing data in a dispersed storage network

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Research of Key Technologies on Encrypting Vector Spatial Data in Oracle Spatial; Guangshi Li et al.; 《2010 2nd International Conference on Information Engineering and Computer Science》; 20101226; pp. 1-4 *
Research on Query Algorithms Based on Matrix Encryption in Cloud Computing Environments; 万木君; 《科技通报》; 20170731; Vol. 33, No. 7; pp. 125-128 *

Also Published As

Publication number Publication date
CN109583217A (en) 2019-04-05

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant